﻿using System.Collections.Generic;
using IdentityServer4;
using IdentityServer4.Models;

namespace AuthServer
{
    public class Config
    {
        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            return new List<IdentityResource>
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Email(),
                new IdentityResources.Profile(),
            };
        }

        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
            {
                new ApiResource("resourceapi", "Resource API")
                {
                    Scopes = {new Scope("api.read")}
                },
                new ApiResource("IdentityServerApi")
            };
        }

        public static IEnumerable<Client> GetClients()
        {
            return new[]
            {
                new Client {
                    RequireConsent = false,
                    ClientId = "angular_spa",
                    ClientName = "Angular SPA",
                    //AllowedGrantTypes = GrantTypes.Implicit,
                    AllowedGrantTypes = GrantTypes.Hybrid,

                    AllowedScopes = { "openid", "profile", "email", "api.read" },
                    RedirectUris = {"http://localhost"},
                    PostLogoutRedirectUris = {"http://identitydemo.jldakj.com/"},
                    AllowedCorsOrigins = {"http://identitydemo.jldakj.com"},
                    AllowAccessTokensViaBrowser = true,
                    AccessTokenLifetime = 3600,

                },
                new Client {

                   ClientId = "android",
                   RequireClientSecret = false,
                   ClientName = "Android app client",
                   AllowedGrantTypes = GrantTypes.Code,
                   //AllowedGrantTypes = GrantTypes.Hybrid,
                   RequirePkce = true,
                   //AllowAccessTokensViaBrowser = true,
                   RequireConsent = false,

                   RedirectUris = { "io.identitymodel.native://callback/","http://default.cc.com","com.cc.app://oidccallback" },
                   AllowedScopes =
                   {
                       "openid", "profile", "email", "api.read","api1","IdentityServerApi"
                   },
                   AllowOfflineAccess = true
                },
                new Client {

                   ClientId = "native.hybird",
                   RequireClientSecret = false,
                   ClientName = "native hybird Android app client",
                   AllowedGrantTypes = GrantTypes.Code,
                   RequirePkce = true,
                   //AllowAccessTokensViaBrowser = true,
                   RequireConsent = false,

                   RedirectUris = { "io.identitymodel.native://callback","http://default.cc.com","com.cc.app://oidccallback" },
                   AllowedScopes =
                   {
                       "openid", "profile", "email", "api.read","api1","api","offline_access"
                   },
                   AllowOfflineAccess = true
                },
                new Client{
                    ClientId = "pwd",
                    RequireClientSecret=false,
                    ClientName = "password mode client",
                    AllowedGrantTypes=GrantTypes.ResourceOwnerPassword,
                    RequirePkce=false,
                    RequireConsent=false,
                    AllowedScopes={
                        "openid", "profile", "email", "api.read","IdentityServerApi"
                    }
                },
                new Client{
                    ClientId="mvc",
                    ClientSecrets={new Secret("secret".Sha256()) },

                    AllowedGrantTypes=GrantTypes.Code,
                    RequireConsent=false,
                    RequirePkce=true,

                    RedirectUris={ "http://localhost:5002/signin-oidc","http://eng.youthcreation.cn/signin-oidc"},
                    PostLogoutRedirectUris={ "http://localhost:5002/signin-oidc" },
                    AllowedScopes=new List<string>
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile
                    }
                }
            };
        }
    }
}
